The Q&A With Cylus: Ensuring Rail & Metro Systems Are Safe From Cyber-Attacks

* – This article has been archived and is no longer updated by our editorial team –

Rail networks are becoming more and more connected and digitized. The introduction of new technologies increases efficiency and improves safety. It also opens the door to a wide range of cyber threats on the operational networks. These threats can disrupt service availability and risk safety. Cylus, a cybersecurity company focused on rail, has developed an innovative solution to manage these threats.

We sat down with Amir Levintal, Co-Founder and CEO of Cylus, to find out more about what makes Cylus unique and how their solution works.

Q: Can you provide our readers with a brief overview of the developments in rail?

A: Over the past few years, the rail industry has been undergoing an exciting transformation of modernization. New technologies, like computer-based components and wireless systems, are being introduced to the operational network to increase efficiency, improve availability, and optimize maintenance processes.

Rail has always been one of the safest modes of transportation, with safety remaining the most important consideration in rail operations. This is the reason why new technologies must first meet safety constraints before they can be integrated. As a result, when security vulnerabilities are discovered in systems, remediation or patching activities might take longer to implement.

At Cylus, we identified rail-specific cyber threats and developed a solution to help this industry incorporate new technologies, as well as legacy ones, protecting them, from cyber-attacks.

A: The importance of creating tailored solutions for specific needs is well understood in all technological domains. The same goes in cybersecurity: no “one size fits all”. Rail operational networks are highly customized and complex.

Effective protection requires a deep understanding of the foundations and workings on which rail technology is based. It also calls for combining it with rich experience in cybersecurity. Cylus’ team consists of experts in both cyber and rail. We leverage our expertise to meet our customers’ specific needs and are experiencing great traction.

Q: Can you describe Cylus’ solution?

A: CylusOne is a comprehensive solution, developed to help rail companies stop attacks on their operational networks in the earliest stage possible. We built our product from scratch and designed it to perform effectively in this context of operational networks.

Our main approach is to look for attacks in their initial stage, when threat actors are trying to penetrate the network or when they are moving in the network. Once you understand how hackers behave and work, you are able to develop algorithms that detect traces of such attacks. In this way, we look at the network as a whole and inspect all its layers. With real-time and complete visibility, we show exactly what is happening and can immediately alert when the network is compromised.

Q: Why is now the time for a technology solution like CylusOne?

A: Just like in other modes of transportation, cyber threats have become a major concern, which cannot be ignored. Based on a significant number of meetings with rail stakeholders, I am sure that the railway industry understands this and is focused on finding the right solutions. The growing awareness is also noticeable in the increasing number of CISOs being appointed in rail companies.

There is also heightened awareness in the rail community. Over the past two years, we continue to see more rail events with cybersecurity playing an important part in their agendas.

The regulators are also acknowledging these threats by developing their own requirements, as can be seen in the EU, UK, US, and Australia. These new regulations are addressing cybersecurity aspects and applying technical and organizational measures to manage cyber risks.

Q: What are your plans for the future?

A: We are operating in many countries and will continue to extend our geographic reach into additional ones to meet the market demand.

We are also applying our technical and industry understanding to keep developing additional features and solutions. To meet the growing specific needs of our customers, we are planning on expanding our product offerings.